package com.github.easyms.server.config.shiro;

import com.github.easyms.common.constant.EasymsServiceStatus;
import com.github.easyms.common.property.EasymsProperties;
import com.github.easyms.common.util.RequestHelper;
import com.github.easyms.server.config.redis.RedisService;
import lombok.NoArgsConstructor;
import lombok.extern.slf4j.Slf4j;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.web.filter.authc.AuthenticatingFilter;
import org.springframework.context.MessageSource;
import org.springframework.util.StringUtils;

import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.util.Locale;

/**
 * JWt拦截器
 * @author Leo.Liao
 * @date 2020-04-09 22:50:15
 */
@Slf4j
@NoArgsConstructor
public class JwtFilter extends AuthenticatingFilter {

    private EasymsProperties easymsProperties;
    private RedisService redisService;
    private MessageSource messageSource;

    public JwtFilter(EasymsProperties easymsProperties, RedisService redisService,MessageSource messageSource) {
        this.easymsProperties = easymsProperties;
        this.redisService = redisService;
        this.messageSource = messageSource;
    }

    @Override
    protected AuthenticationToken createToken(ServletRequest servletRequest, ServletResponse servletResponse) throws Exception {
        JwtToken jwtToken = new JwtToken(null);
        String authorization = RequestHelper.getAuthorization((HttpServletRequest) servletRequest);
        if(StringUtils.isEmpty(authorization)){
            return jwtToken;
        }
        if(!redisService.existsKey(authorization)){
            return jwtToken;
        }
        return new JwtToken(authorization);
    }

    @Override
    protected boolean onAccessDenied(ServletRequest servletRequest, ServletResponse servletResponse) throws Exception {
        String authorization = RequestHelper.getAuthorization((HttpServletRequest) servletRequest);
        if(StringUtils.isEmpty(authorization)){
            Locale language = RequestHelper.getLanguage((HttpServletRequest) servletRequest,easymsProperties.getDefaultLang());
            String message = messageSource.getMessage(EasymsServiceStatus.ACCESS_DENIED.getMsgCode(),null,language);
            RequestHelper.response401((HttpServletResponse) servletResponse, EasymsServiceStatus.ACCESS_DENIED.code(),message);
            return false;
        }
        return executeLogin(servletRequest, servletResponse);
    }

    @Override
    protected boolean onLoginFailure(AuthenticationToken token, AuthenticationException e, ServletRequest request, ServletResponse response) {
        Locale language = RequestHelper.getLanguage((HttpServletRequest) request,easymsProperties.getDefaultLang());
        String message = messageSource.getMessage(EasymsServiceStatus.ACCESS_DENIED.getMsgCode(),null,language);
        RequestHelper.response401((HttpServletResponse) response, EasymsServiceStatus.ACCESS_DENIED.code(),message);
        return false;
    }
}
